Hi Andrew. Thank you for reply.
The machines are running SLES12 OS. We don't have much data in the machines. It
runs a webserver and has a few configuration details in it. The clients aren't
expected to install any new softwares other than the ones we have already
installed on it or copy any files to the machine. So yes, it may not be that
beneficial to setup ClamAV in these machines. But we need to have an antivirus
solution in place to meet some compliance requirements mandated by the
government and the clients should be able to run the scans if they need to. I
am not planning to set up any scans by default.
________________________________
From: clamav-users <clamav-users-boun...@lists.clamav.net> on behalf of Andrew
C Aitchison via clamav-users <clamav-users@lists.clamav.net>
Sent: 17 May 2021 20:13
To: ANISH SHETTY via clamav-users <clamav-users@lists.clamav.net>
Cc: Andrew C Aitchison <cla...@aitchison.me.uk>
Subject: Re: [clamav-users] Manually copy and use local filesystem as
DownloadMirror/PrivateMirror
Anish,
What sort of scanning are you doing on these client machines ?
Which databases are you using with ClamAV ?
What data is stored on these clients ?
What operating system(s) are they running ?
I ask since the way some of us run ClamAV there is
little benefit on running it on each client machine.
On Mon, 17 May 2021, ANISH SHETTY via clamav-users wrote:
> Hi All,
>
> I needed some clarifications in configuring clamav on our client machines.
>
> We have several client machines and the client machines we have cannot
> contact the official clamav server to fetch the cvd and cdiff files. And
> hosting a private server and setting is up as a DownloadMirror is also not
> possible in our case since we have many clients, and we'll have to setup and
> maintain a server in network of each of these clients.
I believe that the download mirror can be on a different network as
long as the client can see and read it, so you may not need as many
servers as you think.
> However, we provide these client machines with an update periodically (once
> in a quarter as of now) Thereby, I was considering the possibility of
> pushing the virus definition files as part of a client machine update. I can
> have a machine in my local network where I can download the cvd and cdiff
> files as part of cvdupdate and then push these to the client machines as part
> of the update. I had a few questions related to these, would really
> appreciate some help
>
> 1) If I place the cvd files and cdiff file in a temporary location within the
> machine, is it possible to use that location in local filesystem as
> DownloadMirrror/PrivateMirror so that freshclam can merge the cvd and cdiff
> files (or any other way to do this, to avoid having several cdiff files). I
> couldn't find any info on this in the documentation.
>
> 2) If I place the cvd files and consequent cdiff files in /var/lib/clamav,
> will clamd consider only the cvd files, or would it consider the cdiffs as
> well? (If I can't use freshclam on local filesystem)
>
> 3) Is there any better way to approach this? I know that having a quarterly
> update of virus definitions leave the machines at risk. The clients can keep
> the cvds updated if they want to. But I expect a lot of the customers to not
> keep the cvds updated and was thinking of a best possible way to address
> them. I am also aware of the 90 days limit on the cdiffs available. So, if
> this approach doesn't make sense for quarterly cycle, I can think of pushing
> them each month.
Clam people:
if the machines are rebooted (not just hibernated) daily,
could the .cld (probably not .cvd) files be mounted from a network share
(kept updated by running freshclam on the server),
rather than each client running freshclam ?
--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
